General
-
Target
a62334b80eeebe5073f3dab446f27870_JaffaCakes118
-
Size
17KB
-
Sample
241127-f3j8vawmbn
-
MD5
a62334b80eeebe5073f3dab446f27870
-
SHA1
5788c9db1d4abb9e36ed87e178fcf7da84f00aab
-
SHA256
370a1ff7670051900c30da978d6fa4817503ba83bdec99856934af91370096ef
-
SHA512
789459d2851d8e4c9b646f91e233c2859de30f3f6f30f440ae59bc74800efb482b2bb47d9800eb3f9c9cefc714633cf167198c1a4732886124b7a77948e42335
-
SSDEEP
384:yebFNw4Pk1itKkpAjjI2YpdmvgqSNrPLv:y0FmBkpKjPYpZ
Behavioral task
behavioral1
Sample
a62334b80eeebe5073f3dab446f27870_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
a62334b80eeebe5073f3dab446f27870_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
a62334b80eeebe5073f3dab446f27870_JaffaCakes118
-
Size
17KB
-
MD5
a62334b80eeebe5073f3dab446f27870
-
SHA1
5788c9db1d4abb9e36ed87e178fcf7da84f00aab
-
SHA256
370a1ff7670051900c30da978d6fa4817503ba83bdec99856934af91370096ef
-
SHA512
789459d2851d8e4c9b646f91e233c2859de30f3f6f30f440ae59bc74800efb482b2bb47d9800eb3f9c9cefc714633cf167198c1a4732886124b7a77948e42335
-
SSDEEP
384:yebFNw4Pk1itKkpAjjI2YpdmvgqSNrPLv:y0FmBkpKjPYpZ
Score9/10-
Renames multiple (2189) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops file in Drivers directory
-
Drops startup file
-
Adds Run key to start application
-
Drops file in System32 directory
-